The present disclosure relates to information processing devices, information processing methods, and programs. In particular, the present disclosure relates to an information processing device, an information processing method, and a program that prevent unauthorized processing such as content reproduction in an unauthorized device for example.
These days, various media such as digital versatile disc (DVD), Blu-ray Disc (registered trademark), and flash memory are utilized as information recording media. In particular, these days, use of a memory card in which a high-capacity flash memory is incorporated is popular. The user can record content of music, movie, etc. in such various information recording media and load the media in a reproducing device (player) to reproduce the content.
However, the copyrights, distribution rights, and so forth of many pieces of content such as music data and image data are owned by the creators or sellers thereof. Therefore, in the case of providing content to users, generally certain use limits are established. Specifically, only the user having the regular use right is authorized to use the content and such control is carried out that unregulated use such as unauthorized copying is prevented.
Examples of a specific configuration for use control of content include encryption processing of the content. This configuration has such setting that content provided to users is encrypted and the encryption key thereof can be acquired by only the regular user. A description about these kinds of processing is made in e.g. Japanese Patent Laid-open No. 2008-98765.
Furthermore, there is a configuration to check the validity of e.g. a reproducing device that reproduces content and a storing device that records content and prohibit content use such as content reproduction and recording if an unauthorized device is used.
Specifically, revocation information (Revocation List) in which the identifiers (device IDs) of unauthorized devices are listed is created and a device that intends to reproduce or record content causes execution of verification as to whether the ID of the reproducing device or storing device is not registered in the revocation information. Only when it is confirmed that the ID is not registered, the device permits processing of content reproduction or so forth.
When the ID is recorded in the revocation information (Revocation List), it is confirmed that this device is unauthorized and reproduction and recording of the content are prohibited.
This revocation information (Revocation List) is issued by e.g. a management server (certificate authority) that carries out content management and is sequentially updated. Furthermore, it is given an electronic signature of the certificate authority as the issuer and has such a configuration as to prevent the falsification.
The user device that performs content reproduction or so forth checks the validity of the revocation information by this signature verification of the revocation information, and thereafter checks whether or not the ID of the reproducing device or storing device that is used is registered in the revocation information. Only when it is confirmed that the ID is not registered, the processing is permitted.
If new unauthorized equipment is discovered, the management server (certificate authority) executes update processing of the revocation information to additionally register the ID of this new unauthorized equipment. That is, the revocation information having the updated version is sequentially distributed.
The updated revocation information is provided to the user device via a network. Alternatively, it is recorded in a medium such as a disc in which content is recorded and is provided to the user device.
It is preferable to use the revocation information having the newer version in the user device. However, the update timing of the revocation information in the user device is limited to e.g. the timing of data transfer with a device, server, or medium having the revocation information of the new version, such as the timing of download of new content from the server and the timing of processing of content reproduction from a content storing medium newly purchased.
At such timing, the version of the revocation information stored in a memory of the self device is compared with the version of the revocation information that can be newly acquired. If the version of the revocation information stored in the self device is older, rewrite processing is executed. Specifically, the revocation information that can be newly acquired and has the newer version is acquired to be substituted for the revocation information in the memory of the self device. This update processing of the revocation information will be referred to as synchronization processing of the revocation information.
However, there is a possibility that fraud is conducted in this synchronization processing of the revocation information and processing of continuing to use the revocation information of an old version indefinitely is executed.
If such fraud is conducted, a possibility that unauthorized use of content is conducted is generated.
This is because there is a possibility of the following. Specifically, the ID of a newly discovered unauthorized device is not registered in the revocation information of an old version, and unauthorized equipment registered as unauthorized equipment in the revocation information of the new version executes unauthorized equipment determination processing based on the revocation information of the old version to thereby conduct content use as valid equipment although it is unauthorized equipment.